Breaking the Silos in Stress Testing

Integrating different risks in a single framework greatly benefits all financial institutions – leading to better communication, risk assessment, and long-term performance.

It started with the subprime crisis. Defaults in US subprime mortgages impacted the price of some structured instruments, mainly for credit risk reasons. Investors, realising there were significant losses, decided to jettison these increasingly risky securitised instruments. Banks faced the difficulty of raising funds using these special purpose vehicles. As the market became aware of the situation, mainly because too many banks were selling assets to get liquidity, confidence between financial institutions disappeared. At that point, it was impossible to restore confidence in the interbank market. Credit risk in one specific market had been transformed into liquidity risk.

The story is now well known and other risk factors can be added to the whole process, like interest rates. When the interest rates went up in the US, it increased the number of defaults in US subprime mortgages – generally floating rate loans. Risk managers and regulators realised that it was necessary to analyse the combined impact of different risks, especially in a crisis scenario.

Furthermore, in light of the recent credit crisis and the emerging business and regulatory environment coming out of that crisis, many banks are rethinking their traditional operating structures. Banks are realising that their legacy organisation structures need to be closely revisited and some enduring organisational walls will need to come down – either physically or logically – or at least be chipped away in a meaningful way.

This article illustrates that a crisis can occur, or be exacerbated, when risks are managed in different silos in banks. It first defines the different types of risks that can be correlated and provides examples that illustrate how banks should model the different risks together. The second section highlights the benefits of having an integrated process for measuring the risks, not just in the context of stress testing. Finally, it describes the challenges of building such a framework and gives suggestions about how to improve it.

Different types of risks

Mapping all the risks that banks face would create an extremely long list. Instead, this article provides examples of the links between some of the most important risks found in banks.

Figure 1. Different types of risks

Source: Moody's Analytics

Liquidity and credit risk

‘The financial crisis has highlighted the need to better integrate solvency and liquidity stress testing. A sharp rise in their euro and US dollar funding costs, or quantitative rationing, was often the trigger for the failure of banks during the crisis, and for the difficulties that many European banks continue to face’. (International Monetary Fund, 2013)

Liquidity risk is linked to credit risk. When a loan is not repaid, the impact on the incoming cash flow is straightforward and the treasurer needs to find another source of funding to replace the inflows. Before the crisis in 2008, it impacted a bank’s P&L, but it was not a significant problem for a treasurer to find cash in the very liquid interbank market. However, after the financial crisis, stress scenarios where it is difficult or even impossible to borrow money from the interbank market have become plausible.

A crisis can occur or be exacerbated when risks are managed in different silos in banks.

Another connection is the impact of credit risk on the reputations of financial institutions. For example, a local bank in a region where the unemployment rate and therefore the number of defaults is high, will find it more difficult to get money from other banks who consider the bank more risky because of the local economy.

Finally, it has been proven that in difficult times, banks tend to lend only to good customers (i.e., lending less globally); thus creating fewer outflows, positively impacting the liquidity risk metrics.

Liquidity and interest rates

ALM teams have always worked on interest rate risk and liquidity risk. Basically, the maturity mismatch between assets and liabilities could be analysed for both risks. Retail banks, for example, tend to lend money with longer maturities for mortgage loans and have short-term resources with non-term deposits. Contractually, all customers could go to their banks and withdraw money from their savings accounts.

For long-term loans, there is generally an implicit option for a customer to prepay their loan. This can be a so-called behavioural option (e.g., a customer decides to prepay because he is selling his house), or a financial option, because interest rates have decreased and a customer wants to renegotiate his loan.

There is not only a link between interest rate risk and liquidity risk, but also the impact of reputational risk on the two, as the behaviour of customers can be driven by the bank’s image. Northern Rock is an interesting example because even with a guarantee of the Bank of England, confidence in it was difficult to restore.

FX and credit risk

When a bank decides to enter a new market, with a different currency, they have two possible options. The first option is to lend money in the local currency. In this case, a bank only has to deal with foreign exchange (FX) risk; that is, their exposure to unanticipated changes in the exchange rate between two currencies. But a bank could also decide to lend money in a more liquid currency (e.g., US dollar or euro). Their customers would benefit from this second option because interest rates are generally lower in euros or US dollars than in less liquid currencies. However, their customers would then be exposed to currency risk as their salaries are generally paid in local currencies. Hence, in the case of a challenging scenario, an increase in the exchange rate could lead to many more defaults than what was initially assessed.

Again, the correlation may be very small in a normal scenario but could become very high in a stress scenario. Therefore, this link must be modelled carefully in the context of a stress testing exercise.

FX and liquidity

FX rates can have a big impact on liquidity. Most of the reports required by the different supervisors now have to be produced per currency, as there is a difference between having cash in a local currency and the US dollar. Even when the exchange rate is indexed on the dollar, some differences can appear when a crisis occurs. It is therefore very important to calculate two metrics in each currency.

They forget that the cost of cleaning data and aggregating results can be very high, especially if the frequency of the stress tests increases.

Even for liquid currencies it is not always easy to exchange one currency for another. At the end of 2012, French banks discovered that their US dollar funding dried up. Even if they had a sufficient amount of cash in euros, they could not easily find enough US dollars, which led them to decrease their reliance on US funding sources.

THE BENEFITS OF THE INTEGRATION OF RISKS

‘Firms that avoided significant losses appear to have a better ability to integrate exposures across businesses for both market and counterparty risk management. Other firms did not appear to have sufficient abilities to identify consolidated, firm-wide, single-factor stress sensitivities and concentrations’. (Senior Supervisors Group, 2008)

The Senior Supervisors Group’s findings should compel every banker to implement an integrated risks framework inside their financial institution. Unfortunately, many bankers still believe their institution will avoid significant losses despite not having an effective framework in place.

Be prepared for new regulations

One of the most important benefits of an integrated framework comes from the ability to efficiently respond to the frequent regulatory exercises that banks are required to perform, like the EBA, IMF, or CCAR. Moreover, regular changes in market practices often drive the supervisors to come up with new ideas, sometimes at the last minute. This challenge can be extended to the internal requirements from senior management. But a common thread among these fluid requests is the need to analyse the relationships among the full suite of risk factors a bank faces.

Despite being mandatory, these regulatory-driven stress testing exercises have not convinced some financial institutions to build a new framework when they have different tools and departments for different types of risks. They generally prefer to stick to their business model, whilst aggregating the data from the different tools. By doing so, they forget that the cost of cleaning data and aggregating results can be very high, especially if the frequency of the stress tests increases. Beyond the tangible costs, there is the high inherent control risk associated with such inefficient and extensive processes, many of which include substantial manual intervention with poor controls.

Better understand the risks

The example explaining the link between FX and credit risk is instructive. In some banks, the fact that there are silos (e.g., people in charge of credit risk and others in charge of FX risk), leads to unmonitored – and so unmanaged – risk. The credit risk team could categorise a risk as FX whilst the market risk team could say that it is credit risk.

This illustrates that risk departments will need to better understand all the connections between all the risks – particularly powerful when creating a contingency plan in case a similar scenario occurs.

This also helps build consistent business plans for new strategic investments. For example, before buying another bank or creating a subsidiary in a foreign country, banks can perform simulations to pinpoint the worst impact of such an investment.

Finally, every team can ensure that the numbers are consistent in the various internal reports when aggregating the data (from credit risk, liquidity risk, FX risk, etc.).

Sharing information

‘According to some risk managers, the larger the shock imposed, the less plausible the stress tests or scenarios in the eyes of a business area and senior management’. (Senior Supervisors Group, 2008)

It seems that the definition of a plausible scenario has changed significantly over time. A sovereign default in Europe was very unlikely five years ago but is now the basis of many stress tests. Using a comprehensive framework not only helps banks better understand why a scenario is plausible, it also makes it more difficult for senior managers (among others) to say that they do not believe that scenario X will lead to consequences Y and Z, as the full framework will be properly documented.

Using the same data, framework, and metrics also enable people to speak the same language. Some treasurers view their risk department as an impediment to effectively doing their job. Risk managers face challenges when explaining to the business lines to what extent one specific transaction could impact the bank. Simply put, business lines were speaking P&L, the credit risk team was speaking Probability of Default (PD)/ Loss Given Default (LGD), and the ALM team was speaking about gaps.

Sharing information and having a common framework fosters communication across an entire organisation, as input data, calculation engines, and reports are based on one platform. Everyone will then have the same level of knowledge about each type of risk. In the end, the strongest benefit is overcoming the barriers between different departments.

Challenges and methodology in practice

A few years ago, measuring different types of risk at the same time was only used to better define a diversification strategy, which mainly pertained to the allocation of economic sectors, countries, and currencies in a single portfolio. For asset managers, this applied to hedge funds, where the risk is not – or minimally – correlated with market prices. Only a few banks managed to implement comprehensive stress tests for two main reasons:

1. Quantifying the impact of the combined risk factors is a difficult task
‘Many managers recognise that stress tests themselves should be dynamic – such that they consider new scenarios as business conditions evolve – yet still be stable enough to provide firms with a useful gauge for monitoring the evolution of their risk profile over time’. (Senior Supervisors Group, 2008)

Methodologies have always been at the heart of risk management. Many quantitative experts write complex models that describe, as precisely as possible, the different risks that a bank can face. This is obviously a difficult task in the case of combined risk factors.

First of all, senior management does not want to know about formulas or models. They are more interested in a global view and do not want to dive into the details. Moreover, liquidity risk issues are completely different than credit risk. For the treasury, liquidity risk is an intraday risk, requiring less complex models and faster – even real-time – observation techniques. Even if modelling is still considered important, infrastructure often receives a larger share of the budget.

Second, stress testing is about a few macroeconomic variables. Most economists only provide frequently used statistics, such as gross domestic product, unemployment rates, consumer price index, equity index, and only two points on the yield curve. A bank must then translate this information to retrieve all the variables needed for every type of risk (e.g., PD, LGD for credit risk, cash flows for liquidity risk, prices for market risk, etc.).

But most importantly, a bank must write an equation that describes the state of their future balance sheet when reacting to multiple scenarios, such as:

If one of a bank’s counterparties defaults, the bank will stop lending to that counterparty

If the equity prices drop below a given limit, the bank will reduce their exposure to the equity market

If the liquidity buffer is not sufficient enough, (e.g., the Liquidity Coverage Ratio falls below 100%) the bank could stop lending or buy high quality liquid assets

2. Having the adequate framework to store data, models, and scenarios
‘Several firms emphasized the need to improve the applicability of forward-looking scenario analysis to the business practices of the firm. […] System flexibility was cited as crucial, although some firms may not have had sufficiently flexible systems to handle customized scenarios and stress tests’ (Senior Supervisors Group, 2008)

The main types of risk have different risk drivers, time horizons, and metrics, making integrating everything complex. That is why it is necessary to have a framework and a methodology. A framework often does not exist in banks because risk management is typically organised by a silo-based approach. Building a framework leads to internal political discussions, which determine who is in charge and what priority is given to the unified project. Banks implement this type of project when senior management realises that risk appetite can only be defined for the entire balance sheet, not just for a single risk department. In this case, a bank would create a team to define the different needs of each department (risk, finance, treasury, capital management, etc.).

The workflow concept is an important requirement for trading portfolios and is also relevant for balance sheet management. In a world where decisions must be made by the right person at the right moment in the right market, information that travels lightning fast through an organisation is beneficial. This is indeed the case for limit monitoring and the origination process.

Integrating different risks in a single framework greatly benefits all financial institutions – leading to better communication, risk assessment, and long-term performance. Most financial institutions started working on a framework because of regulatory pressure. Senior management, however, also does not want to discover that their institution became bankrupt overnight because the balance sheet of a subsidiary abroad was insufficiently analysed. They now see the real benefits of having a system that can quickly provide the information required to make the right decision at the right time.

Integrated stress testing tools can achieve this goal. Unfortunately, this is not an easy task. The people building a framework must not focus too much on the details. They must acknowledge the limitations and try not to create an ultimate model that will never exist. They must also accept that each person in a bank has a field of expertise and can help in the design of the global framework. This is a team effort which will provide a real-time big picture of their institution under different stressed scenarios. The outcome is for senior management to know all the options to better define their strategy and the risk appetite of their financial institution; thus increasing the long-term profitability of shareholders.

Sources

Bank for International Settlements, Principles for Sound Liquidity Risk Management and Supervision, 2008.

Next Article

Related Insights

With greater clarity of the regulatory compliance environment than at any time since before the financial crisis, banks have an excellent opportunity to get off the compliance treadmill and move forward with strategic technology platforms for managing risk.

The new Basel Committee on Banking Supervision (BCBS) standards for IRRBB come into force January 1, 2018. This paper looks at the standards from a practical implementation point of view and raises some of the main challenges.

Funds transfer pricing (FTP) is of growing concern to banks and regulators. But what does FTP have to do with stress testing? A comprehensive FTP framework can help organizations use the results of stress tests to forecast their P&L across departments.

This webinar looks at the need for data quality when managing volatile ratios in a short period of time, improving performance in a low interest rate environment and fulfilling the detailed reports required by supervisors.

This article compares the similar concepts of enterprise risk management and integrated risk management, and considers what risk practitioners can learn from an analysis of the best practices of each in order to strengthen businesses.